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REMARKS 



In response to the Office Action mailed April 1, 2003, Applicants respectfully request 
reconsideration. To further the prosecution of this application, amendments have been made to 
the claims, and the claims as presented are believed to be in allowable condition. 

Claims 1-85 are pending in this application. Claims 62, 63, 65, 68, 69, 74, 75, 77, 80, 81, 
and 83 have been amended herein. 

Claims 1-61 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over U.S. 
Patent No. 6,041,345 to Chen et al. (Chen) in view of U.S. Patent No. 6,157,378 to Bormann et 
al (Bormann) and U.S. Patent No. 5,768,552 to Jacoby (Jacoby). Claims 62-85 stand rejected 
under 35 U.S.C. § 103(a) as being unpatentable over Chen in view of IBM Technical Disclosure 
Bulletin (TDB) No. NB9203306 (IBM TDB). These rejections are respectfully traversed. 



Initially, the undersigned appreciates the courtesies extended to him by Examiner Dinh 
during the telephone interview of May 12, 2003. The substance of this interview is summarized 
below. 

During the telephone interview, the rejection of claims 1-61 under 35 U.S.C. §103(a) 
over Chen in view of Bormann and Jacoby was discussed. The undersigned noted that the 
rejection of claim 1 (and presumably also claim 37) appeared to be based on the combination of 
only two references (Chen and Bormann), rather than the three references (Chen, Bormann, and 
Jacoby) as indicated at page 2 of the Office Action. Examiner Dinh clarified that the rejection of 
independent claims 1 and 37 was based upon the combination of Chen and Bormann, while 
others of the dependent claims were rejected over the combination of Chen and Bormann in 
further view of Jacoby. The undersigned indicated that this response would be based upon the 
rejection as clarified during this brief interview. 



1. Claims 1-61 

With respect to claims 1-61, the Office Action asserts that Chen teaches "a storage 
system that is assessble [sic] by a plurality of users over a network," and that "each user has 
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access to [a] different portion of data on the storage device ," citing column 5, lines 5-30. The 
Office Action concedes that Chen does not teach "a graphical user interface for [sic] administer 
the privileges and system that logged in." However, the Office Action asserts Bormann teaches 
a graphical user interface for simplifying maintenance of a system and which displays a 
representation of host processing systems that are logged into the system and login information, 
and that it would have been obvious for one of ordinary skill in the art to apply the teachings of 
Bormann to Chen because "it would have provided an improved interface for management of the 
system." 

With respect to Jacoby, the Office Action asserts that Jacoby teaches a graphical method 
for monitoring and displaying connections to enable a user to visually monitor the network, and 
that it would have been obvious for one of ordinary skill in the art to apply the network 
management method of Jacoby to the storage system of Chen because it would have provided an 
"intuitive, easy to comprehend way to monitor the storage system." These rejections are 
respectfully traversed. 

A. The Disclosure of Chen 

Chen is directed to a system for providing access to a remote network wherein an internet 
appliance, such as a router, is allowed to access a portion of a mass storage device (Abstract, 
Col. 2, line 26-38). Because internet appliances typically lack memory to perform applications 
such as electronic mail (e-mail), Chen allocates a portion of internal mass storage in another 
system on the network, such as a workstation or file server, and maps the internal mass storage in 
the other system to the internet appliance (Col. 3, lines 6-16 and lines 57-65). 

Figure 2 of Chen illustrates the establishment of a link between a mass storage device and 
the internet appliance (Col. 4, lines 56-58). The mass storage device 180 is given a name in step 
240 and users of the mass storage device 180 are then defined in step 250. In step 250, internet 
appliance 1 10 is defined as a user, and a password required to access the mass storage device 180 
is then provided via step 260 (Col. 5, lines 6-9). Because only identified users can access the 
mass storage device 180 and a password is required to be provided by the internet appliance 110 
to access the mass storage device 180, the application residing in mass storage device 180 is 
secure (Col. 5, lines 9-13). 
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Figure 3 of Chen shows a method for accessing mass storage device 180 (Col. 5, lines 16- 
17). When the internet appliance 1 10, or another component of the network 100, attempts to 
access the mass storage device 180, then via step 310, the internet appliance 110 will search for 
the component (i.e., file server 120) with the proper identity as defined in step 230 (Col. 5, lines 
17-21). In step 320, the internet appliance 1 10 then finds the appropriate folder in the file server 
120 using the name of the mass storage device 180 provided in step 240 (Col. 5, lines 21-24). It 
is determined in step 330 whether the internet appliance 1 10 is a named user (Col. 5, lines 25- 
26). If the internet appliance is a named user, it must be determined if the password is correct, 
via step 340 (Col. 5, lines 28-30). If the correct password is not provided, access to the mass 
storage device 180 is denied, but if the password is correct, authorized users can access the mass 
storage device 180 (Col. 5, lines 30-34). Using the mass storage device 180, the internet 
appliance 110 provides applications (such as e-mail) to workstation A 130 through workstation E 
170. (Col. 5, lines 35-40.) 

In summary, Chen discloses an internet appliance 1 10, such as a router, that accesses 
folders of another system (i.e., file server 120) residing on a mass storage device 180 using a user 
name and password to support an application, such as e-mail, and provides that application to 
users of other systems (e.g., users of workstations A-E). 

B. The Disclosure of Bormann 

Bormann is directed to a graphical user interface (GUI) for a distributed switch having 
multiple operators. (Col. 1, lines 45-49.) Bormann discloses that traditional non-distributed 
network switches are maintained by maintenance technicians that are remotely located, and that 
typically, multiple maintenance technicians may be involved in performing maintenance 
simultaneously, thereby giving rise to potential interference between them. (Col. 1, lines 50-61.) 
These and other problems are exacerbated when the interaction is with distributed network 
switches (Col. 2, lines 48-60.) Accordingly, Bormann provides a graphical user interface for a 
distributed switch that permits operator identifiers and login information associated with 
operators to be received and displayed. (Col. 3, lines 26-34.) The op erators m ay include human 
operators and computer operating systems, and the login information may include information 
about an operator's activities within the distributed switch. (Col. 3, line 35- col. 4, line 6.) 
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C. The Disclosure of Jacobv 

Jacoby is directed to graphically displaying the network topology and information 
interchange activity occurring on a computer network. (Col. 1, lines 13-16.) Specifically, by 
scanning information packets passing across the network, and decoding the information packets 
to extract the source and destination address information, a database containing information 
relating to the topology of the network and information transfer activity occurring on the network 
is provided. (Col. 6, lines 29-47). Using that network database, a network monitor generates a 
graphical representation of the network topology and information transfer activity. (Col. 6, lines 
47-50.) 

D. The Combination of Chen and Bormann is Improper 

There is no motivation to combine the teachings of Bormann with the internet appliance 
of Chen for the reasons asserted (or for any other reason). 

Chen is directed to an internet appliance that provides an application, specifically an e- 
mail application, to users of a plurality of workstations. Once a link between the mass storage 
device 180 of the file server 120 and the internet appliance 1 10 is set up as shown in Fig. 2, users 
of the workstations A-E can access the storage on the mass storage device 180 through the 
internet appliance 1 10 for e-mail. (See col. 5, lines 35-40.) In this regard, Chen discloses a 
system in which centralized control of access to a portion of the mass storage device 1 80 residing 
on a file server 120 is provided via an internet appliance 1 10. 

In contrast, the GUI described in Bormann is specifically adapted to a distributed switch 
in which various processors 120-123 are connected to a central hub 1 10 (see Fig. 1). Indeed, it is 
the distributed nature of the switch in Bormann that gives rise to the need for "additional 
coordination between technicians and individuals interacting with the distributed switch." (Col. 
2, lines 47-60.) 

One of ordinary skill in the art would not have been motivated to combine the teachings 
of Bormann with those of Chen, because the system of Chen is centralized, not distributed. All 
access to the mass storage device 180 in the file server 120 in Chen is via the internet appliance 
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Furthermore, the asserted basis for the combination of Chen and Bormann (i.e., that it 
would have been obvious for one of ordinary skill in the art to apply the teachings of Bormann to 
Chen because "it would have provided an improved interface for management of the system") is 
completely lacking in Chen. Nowhere does Chen disclose, teach, or suggest that any type of 
management activity is required for the internet appliance 1 10 beyond the initial configuration 
and upgrading of the internet appliance itself. With respect to the initialization, Chen discloses 
that after performing the steps illustrated in the flow charts of Figs. 2 and 3, the internet 
appliance 1 10 can provide applications to workstation A 130 through workstation E 170. 
Upgrading of the internet appliance of Chen is simply achieved by "placing an upgrade file in a 
recognizable location," and then "rebooting" the internet appliance. (Col. 5, line 55- col. 6, line 6 
and Fig. 4.) This is in contrast to the distributed switch of Bormann, wherein multiple 
maintenance technicians, multiple processors, multiple operating systems etc. are involved, and 
maintenance activity needs to be coordinated. (See col. 2, lines 48-60 and col. 7, lines 52-67.) 

In summary, nowhere does Chen disclose, teach, or suggest that any management of the 
internet appliance is required beyond the initial setup and the potential upgrading of the internet 
appliance that is achieved in the manner illustrated in Figs. 2, 3, and 4. As such, one of ordinary 
skill in the art would not have been motivated to provide "an improved interface for 
management" of the system of Chen, because only a minimal level of management is even 
required. Further, because Chen is directed to an internet appliance that provides centralized 
access and control of an email application, and the internet appliance of Chen requires little to no 
management beyond that minimum amount of activity initially required, one of ordinary skill in 
the art would not have been motivated to combine the teachings of Chen and Bormann for any 
reason. Accordingly, the rejection of claims 1-61 under 35 U.S.C. §103(a) over the asserted 
combination of Chen and Bormann is improper and should be withdrawn. 

E. Claims 1-61 Patentably Distinguish Over the Combination of Chen and Bormann 
Even if the combination of Chen and Bormann under 35 U.S.C. § 103(a) were proper, 
each of claims 1-61 patentably distinguishes over the asserted combination because the asserted 
combination does not identify each of the plurality of host processors that is logged into the 
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storage system as being logged into the storage system, as recited in each of independent claims 
1 and 37. 

Claim 1 is directed to a computer readable medium encoded with a program for execution 
on a computer system that includes a plurality of host processors coupled to a storage system 
over a network. The program, when executed on the computer system, performs a method 
comprising a step of displaying a first representation of each of the plurality of host processors 
that is logged into the storage system over the network, wherein the first representation identifies 
each of the plurality of host processors that is logged into the storage system as being logged into 
the storage system. 

As described in Fig. 2 of Chen, the internet appliance 1 10 first establishes a link with the 
mass storage device 180 residing in the file server 120, with the internet appliance 1 10 being 
defined as a "user." (See step 250, and col. 5, lines 5-7.) When access is to be provided for one 
or more users of the workstations A-E, the internet appliance 1 10 provides its user name and 
password to gain access to the mass storage device 180 on the file server 120, and if the proper 
user name and password is provided, "authorized users" such as users of the workstations A-E 
"can then access the mass storage device 180." (Col. 5, lines 16-33.) 

However, as explained at column 5, lines 35-40 of Chen, access to the mass storage 
device 180 on the file server 120 by workstations A-E is provided by the internet appliance 110. 
That is, once the internet appliance 1 10 has successfully provided its name and password to the 
file server 120, workstations A-E are provided with access to email application folders on the 
mass storage device 180, without the workstations A-E themselves ever havingto log into the 
file server 120. Indeed, Chen does not even identify whether the workstations A-E need to log 
into the internet appliance 1 10 to be provided with such access. Thus, the storage system of 
Chen (i.e., the file server 120 with its mass~storage device 180) is incapable of identifying 
whether any of the various workstations A-E is actually logged into the file server, as the only 
device that logs into the file server is the internet appliance 1 10 itself— all others access the mass 
storage device 180 via the internet appliance 110. 

Further, the internet appliance is identified to the file server 120 as a "user" and not as a 
host processor as recited in Applicants' claim 1. Indeed, in the rejection of claim 1, the Office 
Action asserts that "Chen teaches a storage system that is assessble [sic] by a plurality of user[s] 
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over a network," and that "each user has access to [a] different portion of data on the storage 
device." As well known to those skilled in the art, a host processor may have a number of users, 
but those users are not necessarily host processors. 

Accordingly, because the system of Chen is incapable of identifying each of a plurality of 
host processors that is logged into a storage system over a network as being logged into the 
storage system, then even if the graphical user interface of Bormann were combined with the 
system of Chen, claim 1 still patentably distinguishes thereover, as the combination would be 
incapable of graphically displaying information (i.e., which host processors are logged in) that it 
can not even identify. Accordingly, claim 1 patentably distinguishes over the combination of 
Chen and Bormann, and the rejection of claim 1 under 35 U.S.C. § 103(a) based thereon should 
be withdrawn. 

Claim 37 is directed to a method for use in a computer system having a plurality of host 
processors coupled to a storage system over a network. The method comprises a step of 
displaying, on a display in the computer system, a first representation of each of the plurality of 
host processors that is logged into the storage system over the network, wherein the first 
representation identifies each of the plurality of host processors that is logged into the storage 
system as being logged into the storage system. 

As should be clear from the foregoing, the asserted combination of Chen and Bormann is 
incapable of displaying a first representation of each of a plurality of host^r^es^sJhaUs^ \ 
logged into the storage system as being logged into the storage system, because the system of ! 
Chen cannot even identify which host processors are logged in. All the system of Chen could \ 
possibly identify is that the internet appliance itself is logged in, but it could not identify whether 
users of the workstations A-E were logged in, because access to the mass storage device by the 
workstations A-E is provided through the internet appliance. Thus, claim 37 patentably 
distinguishes over the combination of Chen and Bormann, and thus, the rejection of claim 37 
under 35 U.S.C. § 103(a) based thereon should be withdrawn. 

Although the Office Action does not specifically indicate which of dependent claims 2-36 
and 38-61 are asserted to be obvious over the combination of Chen, Bormann, and Jacoby, 
Applicants respectfully point out that the graphical representation provided by Jacoby is based 
upon scanning information packets passing across a network, and decoding the information 
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packets to extract the source and destination address information. (See col. 6, lines 29-56.) Thus, 
although Jacoby can identify the source and destination of an information packet, such 
information does not indicate whether or not one device is logged into another. Indeed, the 
information represented by Jocoby only identifies whether an information packet was sent, but 
does not indicate whether the information packet was even received at the destination address. 
Accordingly, because the graphical representation provided by Jacoby is incapable of identifying 
whether or not one device is logged into another, claims 2-36 and 38-61 patentably distinguish 
over the asserted combination of Chen and Bormann alone, or in combination with Jacoby. 

2. Claims 62-85 

With respect to the rejection of claims 62-85, the Office Action asserts that Fig. 2 and 
column 5, lines 5-15 of Chen discloses a method for changing access privileges to a portion of 
data on a storage system over a network. The Office Action concedes that Chen does not teach a 
graphical user interface for displaying and enabling modification of the privileges in response to 
a graphical selection, but asserts that the IBM TDB teaches a graphical user interface for security 
administration. The Office Action alleges that it would have been obvious for one of ordinary 
skill in the art to apply the teachings of the IBM TDB to Chen because it would have improved 
the system by allowing the user to administer the system from a graphical user interface and 
prevented the user from having to know or remember commands or syntax to accomplish the 
task. 

As noted above, nowhere does Chen indicate that the amount of administrative activity 
necessary to manage the system of Chen (including the assignment or changing of access 
privileges) is other than minimal. Accordingly, Applicants respectfully assert that one of 
ordinary skill in the art would not have been motivated to combine the system of Chen with the 
graphical user interface for security administration of the IBM TDB, as the minimal amount of 
security administration in Chen doesn't warrant such an elaborate security administration 
interface. 

Nonetheless, in an effort to further the prosecution of this application, Applicants have 
made several clarifying amendments to the claims and explain below how the amended claims 
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patentably distinguish over the combination of Chen and the IBM TDB, so that the rejection of 
claims 62-85 under 35 U.S.C. §103(a) over that combination should be withdrawn. 

A. The Disclosure of the IBM TDB 

The IBM TDB is directed to a graphical user interface (GUI) for a distributed computing 
environment, distributed security environment which will display all security objects with a 
known span of control for security administration purposes. (Page 1, first paragraph.) As 
described in the IBM TDB, security administration consists of setting up the various aspects of a 
distributed security service and involves the following object types: registry objects that contain 
user account, group, organization, and principal object containers; organization objects that 
provide a mechanism for partitioning the administration of a security registry database; group 
objects that allow the granting of an identical set of privileges to members of a group; principal 
objects that may be a machine or server identity and are the basic object upon which user 
accounts are constructed; and user account objects that are the unit of access to resource on 
machines in the distributed computing environment. (Page 1, paragraphs 2-9.) 

B. Claims 62-85 Patentably Distinguish Over the Combination of Chen and the IBM 

TDB 

Assuming that one of ordinary skill in the art would have been motivated to apply the 
teachings of the IBM TDB to Chen in the manner asserted, each of independent claims 62, 68, 
74, and 80 patentably distinguishes over the asserted combination. This is because the asserted 
combination fails to disclose or suggest a step of modifying access privileges to a volum e of dat a, 
stored on a storage system by one of a plurality of host processors in response to a graphical 
selection of either (1) a graphical representation of the volume of data as recited in each of 
independent claims 62 and 68, or (2) a graphical representation of one of the plurality of host 
processors as recited in each of independent claims 74 and 80. 

Chen teaches a technique whereby a device (i.e., the internet appliance 1 10) is provided 
access to an appropriate f olc^ c^jnass jtorage device 180 by logging in using a user name and 
password combination (Col. 5, lines 21-34). 
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1. Claims 62-67 

By contrast, claim 62 is directed to a computer readable medium encoded with a 
program, that, when executed on a computer system that includes a plurality of host processors 
that are coupled to a storage system over a network, performs a method that includes a step of 
modifying access privileges to a volume of data stored on the storage system by one of a 
plurality of host processors in response to a graphical selection of a graphical representation of 
the volume of data. 

Chen does not disclose, teach, or suggest modifying access privileges to a volume of data 
as recited in claim 62. Specifically, the file folders disclosed in Chen are not volumes of data. 

The purpose of Chen is to provide an internet appliance with access to an application 
(such as e-mail). (Col. 6, lines 8-9). In particular, Chen teaches accessing a folder named virtual 
mailbox to provide e-mail capability to the internet appliance (Col. 5, lines 3-4). Chen's e-mail 
system, as other types of e-mail systems, does not access volumes; e-mail applications only 
access folders and files. 

As discussed in related appli cation se rial no. 09/107,618 in response to a rejection over 
Chen, a folder, as is known in the art, is not functionally equivalent to a volume. Specifically, a 
folder is a named collection of related files that can be retrieved, moved, and otherwise 
manipulated as one entity, and is an organizational construct of a directory structure which is 
defined at a higher lever than a volume. A volume, on the other hand, is a logical grouping of 
Jdiskstorage devices^that can~be allocated to a device (e.g., a host) for storage space. One skilled 
in the art would not equate the terms volume and folder, as they are well-defined in the art as 
separate constructs. Accordingly, because the term volume is well understood in the art and 
distinguishes over the e-mail folders of Chen, and because Chen does not disclose or suggest 
managing access to a volume of data stored on a storage system, claim 62 patentably / 
distinguishes over Chen. 

Claim 62 similarly patentably distinguishes over the IBM TDB. Although the IBM TDB 
discloses a variety of different objects (registry objects, organization objects, group objects, 
principal objects, and user account objects) that may be graphically selected and acted upon, 
nowhere does the IBM TDB disclose, teach, or suggest that these objects may include a volume 
of data stored on a storage system. Accordingly, as neither Chen nor the IBM TDB discloses or 



705272.1 



Serial No.: 09/343,969 -29- Art Unit: 2153 

suggests modifying access privileges to a volume of data stored on a storage system as recited in 
claim 62, claim 62 patentably distinguishes over the asserted combination of Chen and the IBM 
TDB. Therefore, the rejection of claim 62 under 35 U.S.C. §103(a)over the combination of Chen 
and the IBM TDB should be withdrawn. 

Claims 63-67 depend either directly or indirectly from claim 62 and patentably 
distinguish over the combination of Chen and the IBM TDB for at least the same reasons. 

2. Claims 68-73 

Claim 68 is directed to a method of managing access to data storage on a storage system 
from a plurality of host processors that are coupled to the storage system over a network. The 
method includes a step of modifying access privileges to a volume of data stored on the storage 
system by one of a plurality of host processors in response to a graphical selection of a graphical 
representation of the volume of the data. Claim 68 patentably distinguishes over the asserted 
combination of Chen and the IBM TDB for reasons similar to those discussed above with respect 
to claim 62. Specifically, neither reference discloses or suggests a step modifying access 
privileges to a volume of data stored in a storage system in the manner recited in claim 68. 

Claims 69-73 depend either directly or indirectly from claim 68 and patentably 
distinguish over the combination of Chen and the IBM TDB for at least the same reasons. 

3. Claims 74-79 

Claim 74 is directed to a computer readable medium encoded with a program that, when 
executed on a computer system including a plurality of host processors that are coupled to a 
storage system over a network, performs a method. The method includes a step of modifying 
access privileges to a volume of data by one of the plurality of host processors in response to a 
graphical selection of the graphical representation of one of the plurality of host processors. 

Neither Chen, the IBM TDB, nor the asserted combination of Chen and the IBM TDB 
discloses or suggests a step of modifying access privileges to a volume of data stored on a 
storage system in the manner recited in claim 74. Accordingly, claim 74 patentably distinguishes 
over the asserted combination of Chen and the IBM TDB, and thus, the rejection under 35 
U.S.C. § 103(a) based thereon should be withdrawn. 
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Claims 75-79 depend either directly or indirectly from claim 74 and patentably 
distinguish over the combination of Chen and the IBM TDB for at least the same reasons. 

4. Claims 80-85 

Claim 80 is directed to a method of managing access to data stored on a storage system 
from a plurality of host processors that are coupled to the storage system over a network, and 
recites a step of modifying access privileges to a volume of data in response to a graphical 
selection of a graphical representation of one of the plurality of host processors. 

Claims 81-85 depend either directly or indirectly from claim 80 and patentably 
distinguish over the combination of Chen and the IBM TDB for at least the same reasons. 
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CONCLUSION 



In view of the foregoing amendments and remarks, this application should now be in 
condition for allowance. A notice to this effect is respectfully requested. If the Examiner 
believes after this Amendment that the application is not in condition for allowance, the 
Examiner is requested to call Applicants' attorney at the number listed below to discuss any 
outstanding issues relating to allowability. 

If this response is not considered timely filed, and if a request for an extension of time is 
otherwise absent, Applicants hereby request any necessary extension of time. If there is a fee 
occasioned by this response, including an extension fee, that is not covered by the enclosed 
check, please charge any deficiency to Deposit Account No. 23/2825. 




Wolf, Greenfield & Sacks, P.C. 
600 Atlantic Avenue 



Boston, MA 02210-2211 
Tel. No.: (617)720-3500 



Attorney's Docket No.: E00295.70097.US 
Dated: May 22, 2003 
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